1.5.4 / 21 August 2015
SekChek Local is a set of automated computer security audit and benchmarking tools developed by SekChek IPS in March 2008.
The product analyses security controls on Hosts or domains across an organisation’s LAN and produces reports relating to the security on the network. The reporting engine is based on a portable Microsoft Access database. The product comprises 3 built-in security analysis tools: SekChek for SAM, SekChek for AD and SekChek for SQL.
Supported Platforms and Technologies
SekChek Local supports:
- Microsoft platforms: Windows NT4 to 2012, Active Directory, MS-Exchange and Microsoft SQL Server 2000, 2005 and 2008.
SekChek Classic, an alternate offering supports a wider range of platforms:
- Microsoft platforms: Windows NT4 to 2012 R2, Active Directory
- UNIX platforms: HP-UX (including C2/TCB), AIX, Solaris, OSF/1, DG/UX, OpenServer, UnixWare, DYNIX, BSD, HI-UX, Nokia IPSO, Linux
- NetWare platforms: NetWare 4.x, 5.x, 6.x
- OS400 platforms: iSeries (V2R3 to V7R1)
- PKI (public key cryptography), RC2, RC4, DES, Triple DES, AES, RSA, S/MIME, TLS/SSL (Transport Layer Security / Secure Sockets Layer).
Microsoft Office versions:
The tool benchmarks Windows OS security policies against data points contained in a statistics database. The statistics database contains over 30 million anonymous security measures retrieved from over 80,000 analyzed systems located in 140 countries. The developers of the software designed the built-in reports to assist general management, IT & audit professionals to quickly assess the state of security. The tool provides customisable summary and detailed reports in graphical and tabular formats via Microsoft Access. MS-Access assists in sorting, filtering and querying the data.
The SAM tool analyses security policies and objects defined on Windows member computers. These include all versions of Windows servers from Windows NT 4.0 The company states that the SAM tool was designed to analyze security on multiple member Servers and Workstations running any version of Microsoft Windows. The product analyses the hosts details, User and Group accounts, Group memberships, Account Rights, Administrative privileges, Security policies, Security properties, Services, Audit Events, Network Shares, Disks and Host Properties.
The SekChek AD tool analyses the domain-wide security policies and security objects defined in an Active Directory domain. The product analyzes the Domain account policies, Group Policy Objects (GPO) and links, User and Group accounts, Password Setting Objects (PSOs), DACLs and SACLs, Global Catalog Servers, Group memberships, Sites and Organizational Units, Trusts, Domain controllers and FSMO role owners.
SekChek for Exchange analyses Exchange organisations, Storage groups, Databases, Exchange servers and mail-enabled user objects.
The SekChek for SQL tool analyses database security settings, access rules and objects defined in Microsoft SQL Databases and supports versions of Microsoft SQL Server from SQL 2000. The product analyzes MS-SQL Server Settings, Logins, Server Roles, Database Users, Database Roles, Database Application Roles, Databases and file and directory Permissions.
- The tools do not have an installation procedure.
- The product does not depend on agent software.
- Security data is imported into Microsoft Access, analysed and benchmarked locally.
- Performs comparisons over time and system.
- Highlights changes made to security objects in Active Directory since the previous scan.
- Includes embedded utilities: A PC Audit tool that performs a basic analysis of a client PC; Encryption software; Windows Firewall auditor; an Active Directory query tool; an Event Log query tool; Ping; File hashing tool; SID resolver; and an Orphaned SID locator.
- "Audit Programs & ICQs" (Fee required). isaca.org.
- "IT Security Review Services". Deloitte.
- "AD Product Specifications" (PDF). SekChek Local.
- "SAM Product Specifications" (PDF). SekChek Local.
- "Compare Classic Software" (PDF). SekChek Classic.
- Carroll, Mariana (November 2006). "An Information Systems Auditor's Profile" (PDF). UNISA Dissertation.
These reports can be used to identify weaknesses as well as risk ratings and suggested corrective actions. These statements are supported by Mookhey (2004) when he asserts that "the use of these tools for security auditing is prevalentand driven mainly by the inherent complexity within information systems.
- "Annual Specialist IT Audit Activity Report 2004/5" (PDF). LB Bromley Internal Audit Report. November 2006.
- Kearns, Dave (October 5, 2006). "SekChek evaluates security". Network World. International Data Group. Retrieved May 20, 2009.
- Bosavage, Jennifer (June 7, 2006). "New Service Seeks Out Security Gaps". Dark Reading. United Business Media. TechWeb. Retrieved May 20, 2009.
- "SekChek Provides Independent Reality Check of OS Security" (Press release). Tippit Inc. June 27, 2006.
Independent, objective, and reliable evaluation of a company's computer security is the key deliverable of SekChek
- "Computer Security Evaluator SekChek Announces Brand New Product for On-Site Security" (Press release). Reuters. March 17, 2008.
- "Computer Security Evaluator SekChek Announces Compatibility with Microsoft Windows Vista" (Press release). DABCC. Oct 5, 2007.